BugTraq Mode:
(Page 6 of 1727)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
ZK Time_Web Software 2.0 - Broken Authentication 2017-09-18
Arvind Vishwakarma (arvind12786 gmail com)
Vulnerability Type: Broken Authentication
Vendor of Product: ZKTeco
Affected Product Code Base: ZKTime Web - 2.0.1.12280
Affected Component: ZK Time Web Interface Management.
Attack Type: Local - Unauthenticated
Impact: Information Disclosure
------------------------------------------
Product descri

[ more ]  [ reply ]
ZKTime_Web Software 2.0 - Cross Site Request Forgery 2017-09-18
Arvind Vishwakarma (arvind12786 gmail com)
Vulnerability Type: Cross Site Request Forgery (CSRF)
Vendor of Product: ZKTeco
Affected Product Code Base: ZKTime Web - 2.0.1.12280
Affected Component: ZK Time Web Interface Management.
Attack Type: Local - Authenticated
Impact: Escalation of Privileges
------------------------------------------
Pr

[ more ]  [ reply ]
[SECURITY] [DSA 3976-1] freexl security update 2017-09-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3976-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
September 17, 2017

[ more ]  [ reply ]
[slackware-security] kernel (SSA:2017-258-02) 2017-09-15
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] kernel (SSA:2017-258-02)

New kernel packages are available for Slackware 14.1, 14.2, and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/li

[ more ]  [ reply ]
[SECURITY] [DSA 3975-1] emacs25 security update 2017-09-15
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3975-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
September 15, 2017

[ more ]  [ reply ]
[slackware-security] emacs (SSA:2017-255-01) 2017-09-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] emacs (SSA:2017-255-01)

New emacs packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+------------------------

[ more ]  [ reply ]
[slackware-security] libzip (SSA:2017-255-02) 2017-09-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libzip (SSA:2017-255-02)

New libzip packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/libzip-1.0

[ more ]  [ reply ]
[SECURITY] [DSA 3970-1] emacs24 security update 2017-09-12
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3970-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
September 12, 2017

[ more ]  [ reply ]
SEC Consult SA-20170912-0 :: Email verification bypass in SAP E-Recruiting 2017-09-12
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20170912-0 >
=======================================================================
title: Email verification bypass
product: SAP E-Recruiting
vulnerable version: 605, 606, 616, 617
fixed version: see SAP security no

[ more ]  [ reply ]
[slackware-security] bash (SSA:2017-251-01) 2017-09-08
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bash (SSA:2017-251-01)

New bash packages are available for Slackware 13.1, 13.37, 14.0, 14.1, and 14.2
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/package

[ more ]  [ reply ]
[slackware-security] mariadb (SSA:2017-251-02) 2017-09-08
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mariadb (SSA:2017-251-02)

New mariadb packages are available for Slackware 14.1 and 14.2 to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mariadb-10.0

[ more ]  [ reply ]
[SECURITY] [DSA 3967-1] mbedtls security update 2017-09-08
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3967-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
September 08, 2017

[ more ]  [ reply ]
Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol 2017-09-07
Pierre Kim (pierre kim sec gmail com)
Hello,

Please find a text-only version below sent to security mailing lists.

The complete version on analysing the security of "Pwning the Dlink
850L routers and abusing the MyDlink Cloud protocol" is posted here:
https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0da
ys-vulnera

[ more ]  [ reply ]
August 2017 - SourceTree - Critical Security Advisory 2017-09-06
David Black (dblack atlassian com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This email refers to the advisory found at
https://confluence.atlassian.com/x/c-mdNw .

CVE ID:

* CVE-2017-1000117 - Git.
* CVE-2017-1000115 - Mercurial.
* CVE-2017-1000116 - Mercurial.
* CVE-2017-9800 - Subversion.

Product: SourceTree.

Affected

[ more ]  [ reply ]
[SECURITY] [DSA 3965-1] file security update 2017-09-05
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3965-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
September 05, 2017

[ more ]  [ reply ]
[security bulletin] HPESBUX03772 rev.1 - HP-UX BIND Service Running Named, Multiple Vulnerabilities 2017-09-05
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbux
03772en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbux03772en_us

Version: 1

HP

[ more ]  [ reply ]
CVE-2017-11567 Mongoose Web Server v6.5 CSRF Command Execution ( apparitionsec @ gmail / hyp3rlinx ) 2017-09-05
apparitionsec gmail com
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/MONGOOSE-WEB-SERVER-v6.5-CSRF
-COMMAND-EXECUTION.txt
[+] ISR: apparitionSec

Vendor:
===============
www.cesanta.com

Product:
==================
Mongoo

[ more ]  [ reply ]
Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability 2017-09-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2074

ID: FB49498

Acknowledgements: https://www.flickr.com/photos/vulnerabilitylab/36912680045/

http://web.

[ more ]  [ reply ]
[SECURITY] [DSA 3963-1] mercurial security update 2017-09-04
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3963-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
September 04, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3962-1] strongswan security update 2017-09-03
Yves-Alexis Perez (corsac debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3962-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Yves-Alexis Perez
September 03, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3961-1] libgd2 security update 2017-09-03
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3961-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
September 03, 2017

[ more ]  [ reply ]
[security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information 2017-08-31
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03765en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03765en_us

Version: 2

HP

[ more ]  [ reply ]
[security bulletin] HPESBGN03767 rev.1 - HPE Operations Orchestration, Remote Code Execution 2017-08-31
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn
03767en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbgn03767en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3957-1] ffmpeg security update 2017-08-28
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3957-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
August 28, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03770 rev.1 - HPE Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat, Remote Arbitrary Code Execution 2017-08-28
HPE Product Security Response Team (security-alert hpe com)
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03770en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03770en_us

Version: 1

[ more ]  [ reply ]
[SECURITY] [DSA 3956-1] connman security update 2017-08-27
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3956-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
August 27, 2017

[ more ]  [ reply ]
Trend Micro Hosted Email Security (HES) - Email Interception and Direct Object Reference 2017-08-24
Patrick Webster (patrick osisecurity com au)
Date:
24-Aug-2017

Product:
Trend Micro Hosted Email Security (HES)

Versions affected:
Hosted Email Security before January 2012.

Vulnerability:

Two vulnerabilities were discovered.

The first allowed any HES user to intercept in-transit emails through
the Trend Micro Hosted Email Security cloud

[ more ]  [ reply ]
[security bulletin] HPESBHF03769 rev.1 - HPE Integrated Lights-out 4 (iLO 4) Multiple Remote Vulnerabilities 2017-08-23
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf
03769en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03769en_us

Version: 1

HP

[ more ]  [ reply ]
[SECURITY] [DSA 3953-1] aodh security update 2017-08-23
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3953-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
August 23, 2017

[ more ]  [ reply ]
[SECURITY] [DSA 3951-1] smb4k security update 2017-08-22
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3951-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
August 22, 2017

[ more ]  [ reply ]
(Page 6 of 1727)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus